SOC 2 Type II in progress · ISO 27001 roadmap · GDPR-ready architecture

Payroll is the most sensitive HR data. We're engineering for that bar.

Honest snapshot of our security posture: what is implemented and verifiable today, what is in active audit, and what is on the public roadmap. We will not claim attestations we have not received.

Where we are today — honestly

SOC 2 · IN PROGRESS

Type II observation window underway

Type I report targeted Q3 2026. Type II report targeted Q1 2027. We will share auditor letters and observation-period dates under NDA on request.

ISO 27001 · ROADMAP

ISMS scoped, gap analysis complete

Stage 1 audit targeted for 2027. The control mapping is published internally; we will share the statement of applicability draft under NDA.

GDPR

EU data protection — architecture

Article 28 DPA template available. EU SCCs for transfers. DPIA template provided. Right-to-erasure flow built at the employee level. Data residency in Frankfurt available for EU customers.

PDPA SG/MY

Singapore & Malaysia — architecture

Product design aligned with Singapore's PDPC requirements and Malaysia's PDPA 2010. Local-language privacy notice templates available.

LGPD

Brazil — architecture

ANPD-aligned controls in product design. Brazilian DPO available on Enterprise contracts.

PEN-TEST · PLANNED

External 3rd-party test

First external penetration test scheduled before general availability. A summary will be available under NDA as soon as the report is delivered.

How your data is protected

ENCRYPTION

AES-256 + TLS 1.3

All data encrypted at rest with AES-256, in transit with TLS 1.3. Per-tenant encryption keys via AWS KMS / GCP KMS. Field-level encryption for national IDs, bank accounts, salary.

RESIDENCY

Regional data residency

APAC (Singapore), EMEA (Frankfurt), Americas (us-east). Customers on Enterprise can pin residency per country — Brazilian data stays in Brazil, JP data in Tokyo.

SoD

Separation of duties

Engineered into the workflow engine. A user who edits gross pay cannot also approve the run. A user who issues a payment cannot also reconcile it. Cannot be turned off by a tenant admin.

RBAC

Granular role-based access

40+ permission scopes. Per-country, per-entity, per-employee-group access. Manager visibility limited to direct reports by default.

AUDIT LOG

Immutable audit trail

Every state change recorded with actor, IP, user-agent, before/after diff. Streamed to your SIEM via webhook on Enterprise. Retained 7 years.

SSO/MFA

SAML 2.0 / OIDC + MFA

Okta, Azure AD, Google, JumpCloud out of the box. MFA enforced for all roles with payroll-edit privileges. SCIM 2.0 for provisioning.

PEN-TEST

Quarterly penetration tests

External 3rd-party pen-tests every quarter. Critical findings remediated within 7 days. Latest summary available under NDA.

BACKUP

Point-in-time recovery

Continuous backups with 35-day point-in-time recovery. Quarterly DR drills. RTO 4 hours, RPO 15 minutes.

For your auditors & procurement

Read-only auditor portal

Give your external auditors direct read-only access. They see balances, drill into individual paystubs, export GL journal entries, and read the immutable audit log — without bothering your payroll team.

Sub-processor list

Public, versioned. We notify customers 30 days before adding a sub-processor. Current list available at /subprocessors.

Annual penetration test summary

Latest executive summary available under NDA on request. Full report available to Enterprise customers.

Need the full security pack?

SOC 2 report, ISO certs, pen-test summary, DPA template, sub-processor list — sent under mutual NDA.
